[Pkg-openldap-devel] Bug#488710: CVE id assigned
Nico Golde
nion at debian.org
Tue Jul 1 21:34:25 UTC 2008
Hi,
CVE-2008-2952 was assigned to this issue:
======================================================
Name: CVE-2008-2952
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2952
Reference: CONFIRM:http://www.openldap.org/its/index.cgi/Software%20Bugs?id=5580;selectid=5580
liblber/io.c in OpenLDAP 2.3.41, 2.3.42, and possibly other versions
allows remote attackers to cause a denial of service (program
termination) via crafted ASN.1 BER datagrams, which triggers an
assertion error.
Please reference this id if you fix the bug in the next upload.
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-openldap-devel/attachments/20080701/9ede529f/attachment.pgp
More information about the Pkg-openldap-devel
mailing list